Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZH-nY_z_vzH7ZSOqoplUY8VDV0.roa
File: hZH-nY_z_vzH7ZSOqoplUY8VDV0.roa (raw, json)
Hash identifier: tND2Lty4HrmdZOf+T+TMkE3GdR7ztW3e7jHQUzrhYzw=
Subject key identifier: 85:91:FE:9D:8F:F3:FE:FC:C7:ED:94:8E:AA:8A:65:51:8F:15:0D:5D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01954D135E0E21F82EB4F46AF7715C6FF8CB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZH-nY_z_vzH7ZSOqoplUY8VDV0.roa
Signing time: Fri 28 Feb 2025 15:01:09 +0000
ROA not before: Fri 28 Feb 2025 15:01:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.50.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.224.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.56.0/22 maxlen: 22
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.159.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
109.176.252.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.88.0/24 maxlen: 24
194.105.90.0/23 maxlen: 24
212.38.79.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
213.218.215.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:13:5e:0e:21:f8:2e:b4:f4:6a:f7:71:5c:6f:f8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 28 15:01:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8591fe9d8ff3fefcc7ed948eaa8a65518f150d5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ed:72:59:62:47:9f:9d:8c:be:81:71:88:09:
8d:45:78:1e:ff:6c:b3:d6:58:e2:f8:06:02:98:e2:
8b:a0:6b:d2:ba:71:ba:d3:2c:2a:a0:a6:2d:7b:33:
eb:8f:ef:82:91:9c:69:0a:57:af:5c:24:e0:c3:5a:
8d:bf:7e:37:ee:84:26:bf:2c:79:37:49:0d:f9:c2:
84:ad:45:3e:c0:1b:b3:ae:f0:f5:7a:17:a9:31:00:
8f:52:5b:13:c1:e3:cd:9d:76:36:e0:93:3f:2e:1c:
cb:f8:81:fc:c2:2c:d4:f1:29:ed:d2:6b:ec:c2:3a:
64:21:0b:20:79:92:fc:0e:9a:b7:1b:f1:a6:fd:80:
95:ae:a0:53:a2:4d:4d:1f:1d:99:64:9d:44:e7:03:
f9:a7:78:a1:c6:a3:f5:3a:a1:b3:5e:42:e3:01:94:
6e:18:4f:fd:6a:09:3a:35:bf:9f:43:b9:e1:75:5f:
8f:c0:2e:07:5b:bf:9f:16:3c:00:49:52:2a:07:17:
6d:91:ea:d2:44:6b:5a:41:f9:fd:7c:61:57:f5:fc:
27:34:1b:58:75:ea:65:3b:d5:82:58:2b:3a:40:88:
12:d5:e4:90:a8:aa:5b:6c:87:6a:93:f6:ba:b7:42:
31:e8:d3:b6:d5:b3:85:e3:89:5c:2e:da:a5:66:96:
88:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:91:FE:9D:8F:F3:FE:FC:C7:ED:94:8E:AA:8A:65:51:8F:15:0D:5D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZH-nY_z_vzH7ZSOqoplUY8VDV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.176.0/23
82.153.50.0/24
82.153.136.0/22
82.153.224.0/24
82.153.243.0/24
89.213.44.0/23
89.213.50.0/23
89.213.56.0/22
89.213.129.0/24
89.213.132.0/24
89.213.139.0/24
89.213.143.0/24
89.213.145.0-89.213.146.255
89.213.148.0-89.213.159.255
89.213.162.0/24
89.213.164.0/24
89.213.167.0/24
89.213.169.0/24
89.213.171.0-89.213.175.255
89.213.181.0/24
89.213.191.0/24
89.213.196.0-89.213.207.255
89.213.228.0-89.213.239.255
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
109.176.252.0/24
185.49.126.0/23
185.101.47.0/24
194.105.80.0/20
212.38.79.0/24
212.38.88.0/23
213.152.43.0/24
213.210.52.0/22
213.218.211.0/24
213.218.215.0/24
217.145.65.0-217.145.66.255
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
57:32:ac:55:a2:e1:d0:1b:03:ab:a6:fd:f4:7a:6d:75:bd:5c:
e7:00:8f:f7:8d:ad:d2:73:b1:8d:a1:2a:a6:2e:0d:b8:15:49:
33:9a:55:cf:83:9a:42:d4:64:a2:0c:7b:5e:22:51:ed:66:06:
6a:04:44:48:fe:5a:c1:88:21:40:2e:7d:97:af:77:70:5f:e0:
83:8d:19:7f:07:cd:de:e4:9b:da:58:32:29:9b:72:61:f4:75:
fa:d5:92:11:42:b1:1d:a4:62:39:f5:98:90:16:8e:1f:cd:14:
ae:1e:f5:b0:a2:11:11:d0:bc:1b:99:d6:9e:54:de:56:22:83:
9c:9a:43:16:9a:99:3e:a9:6b:36:f1:77:85:fb:55:68:87:74:
d3:e1:9d:df:58:21:81:03:36:78:8a:8c:2b:00:6d:8c:8f:7b:
9f:b5:38:23:b7:f2:e2:5a:63:9a:97:fd:50:2d:ca:29:50:ea:
30:4c:30:6d:db:27:50:ab:51:f5:78:4e:f8:f2:b6:19:cf:d1:
15:8a:c5:68:7a:02:bc:ff:0a:0f:ea:8a:56:63:30:75:d7:f9:
43:fc:08:15:e2:fa:a7:66:0f:80:8a:b3:11:27:40:f8:ee:3e:
8f:19:03:01:3d:c4:59:4c:0d:5d:f7:fb:b3:bf:68:6c:69:bb:
16:5b:15:c1
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZVNE14OIfgutPRq93Fcb/jLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjI4MTUwMTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTkxZmU5ZDhmZjNmZWZjYzdlZDk0OGVhYThhNjU1MThmMTUwZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoe1yWWJHn52MvoFxiAmNRXge/2yz
1lji+AYCmOKLoGvSunG60ywqoKYtezPrj++CkZxpClevXCTgw1qNv3437oQmvyx5
N0kN+cKErUU+wBuzrvD1ehepMQCPUlsTwePNnXY24JM/LhzL+IH8wizU8Snt0mvs
wjpkIQsgeZL8Dpq3G/Gm/YCVrqBTok1NHx2ZZJ1E5wP5p3ihxqP1OqGzXkLjAZRu
GE/9agk6Nb+fQ7nhdV+PwC4HW7+fFjwASVIqBxdtkerSRGtaQfn9fGFX9fwnNBtY
deplO9WCWCs6QIgS1eSQqKpbbIdqk/a6t0Ix6NO21bOF44lcLtqlZpaIMQIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFIWR/p2P8/78x+2UjqqKZVGPFQ1dMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaFpILW5ZX3pfdnpIN1pTT3FvcGxVWThWRFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GgMEAFKYCAMEAVKYsAMEAFKZMgMEAlKZiAMEAFKZ4AMEAFKZ8wMEAVnVLAMEAVnV
MgMEAlnVOAMEAFnVgQMEAFnVhAMEAFnViwMEAFnVjzAMAwQAWdWRAwQAWdWSMAwD
BAJZ1ZQDBAVZ1YADBABZ1aIDBABZ1aQDBABZ1acDBABZ1akwDAMEAFnVqwMEBFnV
oAMEAFnVtQMEAFnVvzAMAwQCWdXEAwQEWdXAMAwDBAJZ1eQDBARZ1eADBANtsBAD
BAJtsMwDBAFtsPIDBABtsPwDBAG5MX4DBAC5ZS8DBATCaVADBADUJk8DBAHUJlgD
BADVmCsDBALV0jQDBADV2tMDBADV2tcwDAMEANmRQQMEANmRQgMEA9mRSDANBgkq
hkiG9w0BAQsFAAOCAQEAVzKsVaLh0BsDq6b99Hptdb1c5wCP942t0nOxjaEqpi4N
uBVJM5pVz4OaQtRkogx7XiJR7WYGagRESP5awYghQC59l693cF/gg40ZfwfN3uSb
2lgyKZtyYfR1+tWSEUKxHaRiOfWYkBaOH80Urh71sKIREdC8G5nWnlTeViKDnJpD
FpqZPqlrNvF3hftVaId00+Gd31ghgQM2eIqMKwBtjI97n7U4I7fy4lpjmpf9UC3K
KVDqMEwwbdsnUKtR9XhO+PK2Gc/RFYrFaHoCvP8KD+qKVmMwddf5Q/wIFeL6p2YP
gIqzESdA+O4+jxkDAT3EWUwNXff7s79obGm7FlsVwQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:19:37 2025 by rpki-client